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DETAILED ACTION 



1 . This response is in response to the communication filed on December 13, 2005. 
Claims 1-11, 13-33, and 35-42 are currently being considered. 

Response to Arguments 



2. Applicant's arguments filed December 13, 2005 have been fully considered but 
they are not persuasive for the following reasons: 

Regarding claim 31, the Applicant contests the 35 U.S.C. 101 rejection, stating 
that the limitations in claim 31 produce tangible and concrete results. This argument is 
not found persuasive. Claim 31 defines an "administrative interface" that contains a 
private key repository that is capable of allowing adding or deleting of key related 
information, and a decryptor authorization logic definition function capable of allowing 
the definition of.decryptor authorization logic to be applied to decryptor information to 
determine eligibility to decrypt. These are both viewed as software modules, which are 
not realizing any function producing a tangible and concrete result. The reason for this 
is that the limitations are functional descriptive material per se, but lack a computer 
readable medium needed for realizing the functionality. More specifically, due to the 
lack of a medium, there is no ability to provide a tangible, concrete result because there 
is not defined way to access the software. Therefore, the rejection under 35 U.S.C. 101 
is respectfully maintained. 
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Regarding claim 1 , the Applicant argues that the Cited Prior Art (CPA), Ford 
(U.S. Patent No. 5,481,613), does not teach using "decryptor authorization logic stored 
externally to the key release request that is to be applied in determining whether or not 
to release the decryption key." This argument is not found persuasive. The CPA 
discloses "the key release agent is a server system which is trusted to deliver 
decryption keys to decrypting systems only when the identity and attributes of the 
decrypting system (decryptor) match a set of access control criteria" (column 6 lines 13- 
17). Furthermore, the CPA states "the KRA may obtain decryptor privilege attributes 
from a supporting database" (column 6 lines 53-55). The decryptor privilege attributes 
are analogous to the authorization logic as both provide the key release agent with 
information which is used to determine whether or not to release the key. These 
attributes used to verify if the key should be released can be located at the remote 
database (externally to the key release request) (Figure 2, column 6 lines 53-55) and 
are used in determining whether or not to release the decryption key. 

Therefore, the rejection for the pending claims is respectfully maintained as given 

below. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 



Application/Control Number: 09/746,01 5 Page 4 

Art Unit: 2131 

3. Claim 31 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claim 31 defines an "administrative interface" 
that contains a private key repository that is capable of allowing adding or deleting of 
key related information, and a decryptor authorization logic definition function capable of 
allowing the definition of decryptor authorization logic to be applied to decryptor 
information to determine eligibility to decrypt. These are both viewed as software 
modules, which are not realizing any function producing a tangible and concrete result. 
The reason for this is that the limitations are functional descriptive material per se, but 
lack a computer readable medium needed for realizing the functionality. More 
specifically, due to the lack of a medium, there is no ability to provide a tangible, 
concrete result because there is not defined way to access the software. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the Invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

4. Claims 13-30 and 38-42 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Ford et al. (U.S. Patent 5,481 ,613). 



Regarding claim 13, Ford discloses: 
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A key release method comprising: 

receiving a key ciphertext and key related information in respect of a key used to 
encrypt the key ciphertext from a decryptor (Figure 2, column 6 lines 24 - 40); 

locating decryptor authorization logic stored externally to the decryptor with use 
of the key related information (Figure 2, column 6 lines 50-55); 

obtaining decryptor information in respect of the decryptor (column 6 lines 42 - 
65); and 

deciding based on the decryptor information and the decryptor authorization logic 
whether decryption of the key ciphertext is to be permitted (column 6 lines 56 - 66). 

Regarding claim 29, Ford discloses: 

A method of controlling access to a decryption key comprising: 

receiving from a decryptor a key release request comprising decryptor 
information and the decryption key encrypted using a public key (Figure 2 step 34, 
column 6 line 40 - column 7 line 49); 

locating decryptor authorization logic stored externally to the decryptor with use 
of the key related information (Figure 2, column 6 lines 50-55); 

applying the decryption authorization logic to encrypt the decryption key to the 
decryptor information to determine whether the decryptor should be permitted access to 
the decryption key (column 7 lines 35 - 49); 
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upon determining the decryptor should be permitted access to the decryption 
key, sending a key release response specifying the decryption key (column 7 lines 35 - 
49). 

Regarding claim 30, Ford discloses: 

A method of controlling access to decryption keys comprising: 

maintaining a private key repository comprising a plurality of access identifiers, 
and for each access identifier at least one key related information of a respective {public 
key, private key} pair, the repository also containing the private key of each {public key, 
private key} pair (column 5 line 26 - column 6 line 33); 

receiving a key release request containing a decryption key encrypted using a 
public key of a {public key, private key} pair and containing a key related information 
associated with the (public key, private key} pair (column 7 lines 35 - 49); 

maintaining a repository residing externally to the key release request 
associating each access identifier with respective decryptor authorization logic that can 
be applied to a decryptor information (Figure 6, lines 50-55); 

obtaining decryptor information (Figure 2 step 34, column 6 line 40 - column 7 
line 49; Figure 6, lines 50-55) 

for each access identifier in association with which the key related information is 
stored, applying the respective decryptor authorization logic to the decryptor information 
specified in the key release request (column 7 lines 35 - 49); 
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i 

in the event the decryptor information satisfies at least one of the 
respective decryptor authorization logics, decrypting the ciphertext to recover the 
decryption key, and sending a key release response to the decryptor specifying the 
decryption key (column 7 lines 35 - 49). 

Regarding claim 38, Ford discloses: 
A key release agent comprising: 

means for receiving from a decryptor a key ciphertext and key related information 
in respect of a key used to encrypt the key ciphertext (Figure 2 step 34, column 6 line 
40 - column 7 line 49); 

means for locating decryptor authorization logic stored externally to the decryptor 
with use of the key related information (Figure 6, lines 50-55); 

means for obtaining decryptor information in respect of the decryptor (Figure 2 
step 34, column 6 line 40 - column 7 line 49, Figure 6, lines 50-55); 

means for deciding based on decryptor information of the decryptor and the 
decryptor authorization logic whether decryption of the key ciphertext is to be permitted 
(column 7 lines 35 - 49). 

Claim 14 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 
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A method according to claim 13 wherein the decryptor information is received 
from the decryptor together with the key ciphertext and key related information (Figure 2 
step 34, column 6 line 40 - column 7 line 49). 

Claim 15 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 

A method according to claim 13 wherein obtaining decryptor information 
comprises receiving the decryptor information while establishing a secure connection 
with the decryptor (Figure 2 step 34, column 6 line 40 - column 7 line 49). 

Claim 16 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 

A method according to claim 13 wherein obtaining decryptor information 
comprises: 

receiving from the decryptor a decryptor identifier (Figure 2 step 34, column 6 
line 40 - column 7 line 49); 

using the decryptor identifier to lookup decryptor attributes from a public 
repository, the decryptor identifier and decryptor attributes together constituting the 
decryptor information (Figure 2, column 6 line 42 - 65). 

Claim 17 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 
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A method according to claim 1 3 further comprising: 

using information in a certificate as the decryptor information (column 6 lines 42 - 

55). 

Claim 20 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 

A method according to claim 13 wherein the decryptor information is an identity 
or role of the decryptor, an alias, or a claim of access rights or privilege, or some other 
attribute of the decryptor of a corresponding decrypting device or platform (column 6 
line 40 - column 7 line 49). 

Claim 21 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 

A method according to claim 13 wherein the key related information comprises a 
key pair identifier (column 5 line 18 - column 6 line 32). 

Claim 22 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 

A method according to claim 13 further comprising: 
decrypting the key ciphertext, re-encrypting the key using a public key of a 
{public key, private key} pair to produce a re-encrypted key, the private key of which is 
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available to the decryptor, and sending the re-encrypted key to the decryptor (column 7 
lines 8 - 49). 

Claim 23 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 

A method according to claim 13 further comprising: 

decrypting the key ciphertext to obtain a decryption key (Figure 4, column 7 lines 
35 - 50); 

sending the decryption key to the decryptor over a secure channel (Figure 4, 
column 7 lines 35 - 50). 

Claim 24 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 

A method according to claim 1 3 further comprising: 

decrypting the key ciphertext to obtain a decryption key (Figure 4, column 7 lines 
35-50); 

using a symmetric key available to the decryptor, encrypting the decryption key 
with the symmetric key to produce an encrypted decryption key, and sending the 
encrypted decryption key to the decryptor (Figure 4, column 7 lines 35 - 50). 

Claim 25 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 
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A method according to claim 13 further comprising: 

receiving a plurality of key ciphertexts and respective key related information 
from the decryptor and determining whether at least one private key required to decrypt 
a respective at least one key ciphertext of the plurality of key ciphertexts is available 
(Figure 2, column 6 lines 24 - 40); 

using the respective key related information to locate respective decryptor 
authorization logic stored externally to the decryptor (Figure 6, lines 50-55); and 

upon determining such at least one private key is available, deciding based on 
the decryptor information and the respective decryptor authorization logic whether 
decryption of at least one of the plurality of key ciphertexts is to be permitted (column 7 
lines 35 -49). 

Claim 28 is rejected as applied above in rejecting claim 13. Furthermore, Ford 
discloses: 

A method according to claim 13 wherein deciding based on decryptor information 
of the decryptor and the decryptor authorization logic whether decryption of the key 
ciphertext is to be permitted comprises applying at least one rule of the decryptor 
authorization logic associated with the public key used to encrypt the decryption key to 
the decryptor information to determine whether the decryptor should be permitted 
access to the decryption key (column 7 lines 35 - 49). 
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Claim 39 is rejected as applied above in rejecting claim 38. Furthermore, Ford 
discloses: 

A key release agent according to claim 38 adapted to receive the decryptor 
information together with the key ciphertext and key related information (Figure 2, 
column 6 lines 24-40). 

Claim 40 is rejected as applied above in rejecting claim 39. Furthermore, Ford 
discloses: 

A key release agent according to claim 38 adapted to use a decryptor identifier to 
lookup decryptor attributes from a repository, the decryptor identifier and decryptor 
attributes together constituting the decryptor information (Figure 2, column 6 line 42 - 
65). 

Claim 41 is rejected as applied above in rejecting claim 38. Furthermore, Ford 
discloses: 

A key release agent according to claim 38 further comprising: 
decrypting means for decrypting the key ciphertext (column 7 lines 8 - 49). 
encryption means for re-encrypting the key using a public key of a {public key, private 
key pair to produce a re-encrypted key, the private key of which is available to the 
decryptor (column 7 lines 8 - 49); 

means for spending the re-encrypted key to the decryptor (column 7 lines 8 - 49). 
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Claim 42 is rejected as applied above in rejecting claim 38. Furthermore, Ford 
discloses: 

A key release agent according to claim 38 further comprising: 
means for applying decryptor authorization logic associated with each public key 
used to encrypt the decryption key to the decryptor information for determining whether 
the decryptor should be permitted access to the decryption key (column 7 lines 35 - 
49). 

Claim 18 is rejected as applied above in rejecting claim 17. Furthermore, Ford 
discloses: 

A method according to claim 17 further comprising: 

obtaining the certificate from a certificate repository (column 6 lines 42 - 55). 

Claim 19 is rejected as applied above in rejecting claim 17. Furthermore, Ford 
discloses: 

A method according to claim 17 further comprising receiving the certificate 
together with the key ciphertext and key related information (column 6 lines 42 - 55). 

Claim 26 is rejected as applied above in rejecting claim 25. Furthermore, Ford 
discloses: 

A method according to claim 25 further comprising: 
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decrypting one of the key ciphertexts using a corresponding private key to 
recover a decryption key (Figure 2, column 6 lines 24 - 40). 

Claim 27 is rejected as applied above in rejecting claim 25. Furthermore, Ford 
discloses: 

A method according to claim 25 wherein deciding based on decryptor information 
of the decryptor and the respective decryptor authorization logic whether decryption of 
at least one of the key ciphertexts is to be permitted comprises applying the respective 
decryptor authorization logic associated with each public key used to encrypt the 
decryption key to the decryptor information to determine whether the decryptor should 
be permitted access to the decryption key (column 7 lines 35 49). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1 - 12 and 31 - 37 are rejected under 35 U.S.C. 103(a) as being 

unpatentable over Ford et al. (U.S. Patent 5,481 ,613). 



Regarding claim 1, Ford discloses: 
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A method for a decryptor to obtain a decryption key from a key release agent 
comprising: 

a decryptor obtaining an encryption block comprising a data ciphertext requiring 
a decryption key to decrypt, the encryption block further comprising key related 
information associated with a first (public key, private key) pair, the encryption block 
further comprising a key ciphertext consisting of the decryption key encrypted by the 
first public key of the first {public key, private key) pair (Figure 2 step 34, column 6 line 
40 - column 7 line 49); 

the decryptor generating a key release request containing the key ciphertext, and 
the key related information and outputting the key release request to the key release 
agent, the key release request for use by the key release agent to locate decryptor 
authorization logic stored externally to the key release that is to be applied in 
determining whether or not to release the decryption key (Figure 2 step 34, column 6 
line 40 - column 7 line 49, Figure 6, lines 50-55) 

the decryptor receiving a key release response specifying the decryption key 
(column 7 lines 35 - 49). 

Ford however discloses that the encryption block includes an access controlled 
decryption block (ACD). However, the use of the ACD is not necessary to the operation 
of the key release agent releasing the decryption key to a decryptor. The ACD is just 
another section of data, which cannot be altered without the use of a key release agent 
(KRA). The exclusion of the ACD does not prohibit the cited prior art from providing a 
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decryptor obtaining an encryption block with key related information, the decryptor 
generating a key release request, or the decryptor receiving a key release response 
specifying the decryption key which the claims delineate. Therefore it would have been 
obvious to one of ordinary skill in the art to exclude the use of the specific data structure 
designated as the ACD, and replace it with another data structure that just provides key 
related information and not the additional information associated with the ACD. 

Regarding claim 31 , Ford discloses a private key repository with key related information 
and associated private keys of a {public key, private key} pair and a decryptor 
authorization logic definition function adapted to allow the definition of decryptor 
authorization logic to be applied to decryptor information to determine eligibility to 
decrypt, and for each decryptor authorization logic to select one or more of the key 
related information in respect of which the rule is to be applied (column 7 lines 35 - 49). 
Ford does not explicitly disclose an administrative interface comprising a private key 
maintenance function adapted to allow adding and deleting of a key related information 
and associated private key of a {public key, private key} pair. However, Ford discloses 
that the private key and key related information are stored in databases and/or in a 
trusted server system (column 5 lines 22 - 35). Servers by nature have an 
administrative interface to manage data, which the keys and key related information are 
classified. Therefore the function of adding and deleting data (private key and key 
related information) is a normal function of a server system. Therefore it would have 
been obvious to one of ordinary skill in the art to incorporate the function of adding and 
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deleting keys and key related data using the server system to achieve the benefits of 
increased security of the keys and keeping more recent keys. Also, if one key is 
corrupted or discovered by a third party, it is obvious that the compromised key must be 
deleted and another must be added in its place. Therefore though not mentioned 
explicitly in the prior art, the function claimed is deemed obvious in view of the above 
arguments. 

Regarding claim 33, Ford discloses: 
A decryptor comprising: 

means for obtaining an encryption block comprising a data ciphertext requiring a 
decryption key to decrypt, the encryption block further comprising key related 
information associated with a first {public key, private key pair, the encryption block 
further comprising a key ciphertext consisting of the decryption key encrypted by the 
first public key of the first (public key, private key) pair (Figure 2 step 34, column 6 line 
40 - column 7 line 49); 

means for generating a key .release request containing the key ciphertext, and 
the key related information and outputting the key release request to the key release 
agent (Figure 2 step 34, column 6 line 40 - column 7 line 49); 

means for making decryptor information available to the key release agent, the 
decryptor information for use by the key release agent to obtain decryptor authorization 
logic stored externally to the key release request that is to be applied in determining 
whether or not to release the decryption key (Figure 6, lines 50-55); 
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means for receiving a key release response specifying the decryption key 
(column 7 lines 35 - 49). 

Ford however discloses that the encryption block includes an access controlled 
decryption block (ACD). However, the use of the ACD is not necessary to the operation 
of the key release agent releasing the decryption key to a decryptor. The ACD is just 
another section of data, which cannot be altered without the use of a key release agent 
(KRA).. The exclusion of the ACD does not prohibit the cited prior art from providing a 
decryptor obtaining an encryption block with key related information, the decryptor 
generating a key release request, or the decryptor receiving a key release response 
specifying the decryption key which the claims delineate. Therefore it would have been 
obvious to one of ordinary skill in the art to exclude the use of the specific data structure 
designated as the ACD, and replace it with another data structure that just provides key 
related information and not the additional information associated with the ACD. 

Claim 2 is rejected as applied above in rejecting claim 1. Furthermore, Ford discloses: 

A method according to claim 1 further comprising the decryptor making the 
decryptor information available to the key release agent in determining decryptor 
attributes, the decryptor attributes for further use in determining whether or not to 
release the decryption key (column 6 lines 42-65). 

Claim 3 is rejected as applied above in rejecting claim 1 . Furthermore, Ford discloses: 
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A method according to claim 1 further comprising the decryptor using the 
decryption key to decrypt the data ciphertext (Figure 4, column 7 lines 35 - 50). 

Claim 6 is rejected as applied above in rejecting claim 2. Furthermore, Ford discloses: 

A method according to claim 1 wherein the decryptor making the decryptor 
information available to the key release agent comprises providing a decryptor identifier 
which may be used to look up decryptor attributes stored in a repository external to the 
key release request (Figure 2 step 34, column 6 line 40 - column 7 line 49, Figure 6, 
lines 50-55). 

Claim 7 is rejected as applied above in rejecting claim 1. Furthermore, Ford discloses: 
A method according to claim 1 wherein the key related information comprises a 
key pair identifier (column 7 lines 35 - 49). 

Claim 8 is rejected as applied above in rejecting claim 1. Furthermore, Ford discloses: 

A method according to claim 1 further comprising: 

before generating the key release request, the decryptor determining if the 
private key of the first {public key, private key} pair is available at the decryptor (column 
6 lines 33 - 65); 

upon determining the private key of the first {public key, private key} pair is not 
available at the decryptor generating the key release request (column 6 lines 33 - 65). 
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Claim 9 is rejected as applied above in rejecting claim 1. Furthermore, Ford discloses: 
A method according to claim 1 further comprising: 

decrypting at least a portion of the key release response containing an encrypted 
version of the decryption key using a private key of a second {public key, private key} 
pair to recover the decryption key (Figure 4, column 7 lines 35 - 50). 

Claim 10 is rejected as applied above in rejecting claim 1. Furthermore, Ford discloses: 
A method according to claim 1 wherein the encryption block comprises a plurality 
of key related information associated with a respective plurality of first {public key, 
private key} pairs, and a respective plurality of key ciphertexts each consisting of the 
decryption key encrypted by the public key of a respective one of the plurality of first 
{public key, private key} pairs associated with the plurality of key related information, the 
method comprising: 

generating the key release request containing the plurality of key ciphertexts, and 
the associated plurality of key related information (Figure 2 step 34, column 6 line 40 - 
column 7 line 49). 

Claim 32 is rejected as applied above in rejecting claim 31 . Furthermore, Ford 
discloses: 

An administrative interface according to claim 31 wherein the private key 
repository maintenance function is further adapted to store the key related information 
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and associated private key of a public key, private key} pair in association with one of a 
plurality of access identifiers (column 5 line 26 - column 6 line 33); and 

wherein the decryptor authorization logic definition function is further adapted to 
store each authorization logic in association wijh one of the plurality of access identifiers 
(column 7 lines 35-49). 

Claim 35 is rejected as applied above in rejecting claim 33. Furthermore, Ford 
discloses: 

A decryptor according to claim 33 further comprising means for using the 
decryption key to decrypt the data ciphertext (Figure 4, column 7 lines 35 - 50). 

Claim 36 is rejected as applied above in rejecting claim 33. Furthermore, Ford 
discloses: 

A decryptor according to claim 33 adapted to make the decryptor information 
available to the key release agent by including the decryptor information in the key 
release request (Figure 2 step 34, column 6 line 40 - column 7 line 49). 

Claim 37 is rejected as applied above in rejecting claim 33. Furthermore, Ford 
discloses: 

A decryptor according to claim 33 further comprising means for decrypting at 
least a portion of the key release response containing an encrypted version of the 
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decryption key using a private key of a second {public key, private key} pair to recover 
the decryption key (Figure 4, column 7 lines 35 - 50). 

Claim 4 is rejected as applied above in rejecting claim 2. Furthermore, Ford discloses: 

A method according to claim 2 wherein the decryptor making the decryptor 
information available to the key release agent comprises including the decryptor 
information in the key release request (Figure 2 step 34, column 6 line 40 - column 7 
line 49). 

Claim 5 is rejected as applied above in rejecting claim 2. Furthermore, Ford discloses: 

A method according to claim 2 wherein the decryptor making the decryptor 
information available to the key release agent comprises the decryptor providing the 
decryptor information to the key release agent while establishing a secure connection 
with the key release agent (Figure 2 step 34, column 6 line 40 - column 7 line 49). 

Claim 1 1 is rejected as applied above in rejecting claim 10. Furthermore, Ford 
discloses: 

A method according to claim 10 further comprising: 

before generating the key release request, determining if at least one private key 
of the plurality of first {public key, private key} pairs is available at the decryptor (column 
6 lines 33 - 65); 
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upon determining none of the private keys of the plurality of first {public key, 
private key} pairs is available at the decryptor generating the key release request 
(column 6 lines 33 - 65). 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1..136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 



Business Center (EBC) at 866-217-9197 (toll-free). 
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